Load very high

azednetma

• August 18, 2023 09:19

Hello, An ip address is visiting several sites on the same server at the same time, causing a very high load. how can i block this address automatically? Thanks

• 

  cPRex Jurassic Moderator

  • August 18, 2023 14:39

  Hey there! Depending how much traffic it is creating, there may not be a way to block the IP automatically. I would look at the Apache mod_evasive package, as that is designed to block small DoS attacks:

  0
• 

  azednetma

  • August 19, 2023 13:01

  Hi, Thank you, after investigation I concluded that the server ip is the main problem. I cause a very high traffic to wp-cron files in multiple websites. How to block it please?

  0
• 

  cPRex Jurassic Moderator

  • August 21, 2023 16:05

  At the cPanel level, you can use the IP Blocker tool to block an IP from just one site: IP Blocker | cPanel & WHM Documentation If you aren't comfortable with manually editing the firewall rules, you may want to look into a tool like CSF and then you could use that to block the IP address globally on the system:

  0
• 

  acideye23

  • October 23, 2023 03:15

  Hi, I have the same problem; the server load is very high. I discovered that there is a website under a DDoS attack, and I want to block a specific IP address. However, the IP blocker I'm using doesn't seem to work. I even tried blocking my IP address on my mobile phone using data, but I can still access the website. Thank you in advance.

  0
• 

  cPRex Jurassic Moderator

  • October 23, 2023 03:34

  @acideye23 - I'd give you the same advice as I would in my previous post - I would check out the CSF firewall as that lets you manage the firewall system directly in WHM.

  0
• 

  acideye23

  • October 23, 2023 03:53

  Thank you for replying. Please bear with me; I'm a new admin for WHM/Cpanel. Currently, we have no CSF firewall installed, although we have Cloudflare and Azure NSG. The issue is that I have no access to those, only WHM/Cpanel. I also found out that there are more than 2000 IP addresses blacklisted in the IP BLOCKER. So I am wondering why adding new IP addresses doesn't work. (Note: There were admins before who managed it.) Again, thank you...

  0
• 

  cPRex Jurassic Moderator

  • October 23, 2023 14:25

  The IP blocker tool is only for one specific cPanel account - the attacker would still need to make a connection to the server, but they just wouldn't be able to access the site. Blocking the IP at the firewall is more effective as they would be blocked from the entire system.

  0
• 

  acideye23

  • October 24, 2023 02:15

  Hi cPRex, one last question. Is it advisable to install CSF firewall even we have already Cloudflare and Azure NSG? Do you have any idea if there is any conflict? Again, thank you..

  0
• 

  cPRex Jurassic Moderator

  • October 24, 2023 09:24

  There wouldn't be any conflict with those as CSF is on the server itself, while those are external tools. The local firewall is something that can still be in place and running.

  0

Please sign in to leave a comment.